Provide alert defines for TLSv1.3 and use in the TLSv1.3 code.

Rather than using a mess of SSL_AL_*, SSL_AD_*, SSL3_AD_* and TLS1_AD_* defines, provide our own TLS13_ALERT_* defines and use those. This also provides the alerts that are new to TLSv1.3. ok beck@
author: jsing <jsing@openbsd.org> 2020-05-10 16:56:11 +0000
committer: jsing <jsing@openbsd.org> 2020-05-10 16:56:11 +0000
commit: c957d00cf973cbc8a0fab8656d111863f7e84caf (patch)
tree: c4bd75da2b9e9c766fe3d810fb092c26e65c193f /lib/libssl/tls13_record_layer.c
parent: Conditionalize sleep-before-retry in server code to only be done when (diff)
download: wireguard-openbsd-c957d00cf973cbc8a0fab8656d111863f7e84caf.tar.xz
wireguard-openbsd-c957d00cf973cbc8a0fab8656d111863f7e84caf.zip
1 files changed, 26 insertions, 25 deletions
diff --git a/lib/libssl/tls13_record_layer.c b/lib/libssl/tls13_record_layer.c
index ce6327b6941..9ea1a820ce7 100644
--- a/lib/libssl/tls13_record_layer.c
+++ b/lib/libssl/tls13_record_layer.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls13_record_layer.c,v 1.36 2020/05/09 15:47:11 jsing Exp $ */
+/* $OpenBSD: tls13_record_layer.c,v 1.37 2020/05/10 16:56:11 jsing Exp $ */
 /*
  * Copyright (c) 2018, 2019 Joel Sing <jsing@openbsd.org>
  *
@@ -268,13 +268,13 @@ tls13_record_layer_process_alert(struct tls13_record_layer *rl)
 		return TLS13_IO_FAILURE;
 
 	if (!CBS_get_u8(&rl->rbuf_cbs, &alert_level))
-		return tls13_send_alert(rl, TLS1_AD_DECODE_ERROR);
+		return tls13_send_alert(rl, TLS13_ALERT_DECODE_ERROR);
 
 	if (!CBS_get_u8(&rl->rbuf_cbs, &alert_desc))
-		return tls13_send_alert(rl, TLS1_AD_DECODE_ERROR);
+		return tls13_send_alert(rl, TLS13_ALERT_DECODE_ERROR);
 
 	if (CBS_len(&rl->rbuf_cbs) != 0)
-		return tls13_send_alert(rl, TLS1_AD_DECODE_ERROR);
+		return tls13_send_alert(rl, TLS13_ALERT_DECODE_ERROR);
 
 	tls13_record_layer_rbuf_free(rl);
 
@@ -283,21 +283,22 @@ tls13_record_layer_process_alert(struct tls13_record_layer *rl)
 	 * however for error alerts (RFC 8446 section 6.2), the alert level
 	 * must be specified as fatal.
 	 */
-	if (alert_desc == SSL_AD_CLOSE_NOTIFY) {
+	if (alert_desc == TLS13_ALERT_CLOSE_NOTIFY) {
 		rl->read_closed = 1;
 		ret = TLS13_IO_EOF;
-	} else if (alert_desc == SSL_AD_USER_CANCELLED) {
+	} else if (alert_desc == TLS13_ALERT_USER_CANCELED) {
 		/* Ignored at the record layer. */
 		ret = TLS13_IO_WANT_RETRY;
-	} else if (alert_level == SSL3_AL_FATAL) {
+	} else if (alert_level == TLS13_ALERT_LEVEL_FATAL) {
 		rl->read_closed = 1;
 		rl->write_closed = 1;
 		ret = TLS13_IO_ALERT;
-	} else if (rl->legacy_alerts_allowed && alert_level == SSL3_AL_WARNING) {
+	} else if (rl->legacy_alerts_allowed &&
+	    alert_level == TLS13_ALERT_LEVEL_WARNING) {
 		/* Ignored and not passed to the callback. */
 		return TLS13_IO_WANT_RETRY;
 	} else {
-		return tls13_send_alert(rl, SSL_AD_ILLEGAL_PARAMETER);
+		return tls13_send_alert(rl, TLS13_ALERT_ILLEGAL_PARAMETER);
 	}
 
 	rl->alert_cb(alert_desc, rl->cb_arg);
@@ -322,10 +323,10 @@ tls13_record_layer_send_alert(struct tls13_record_layer *rl)
 	rl->alert_data = NULL;
 	rl->alert_len = 0;
 
-	if (rl->alert_desc == SSL_AD_CLOSE_NOTIFY) {
+	if (rl->alert_desc == TLS13_ALERT_CLOSE_NOTIFY) {
 		rl->write_closed = 1;
 		ret = TLS13_IO_SUCCESS;
-	} else if (rl->alert_desc == SSL_AD_USER_CANCELLED) {
+	} else if (rl->alert_desc == TLS13_ALERT_USER_CANCELED) {
 		/* Ignored at the record layer. */
 		ret = TLS13_IO_SUCCESS;
 	} else {
@@ -796,13 +797,13 @@ tls13_record_layer_read_record(struct tls13_record_layer *rl)
 	 */
 	if (content_type == SSL3_RT_CHANGE_CIPHER_SPEC) {
 		if (!rl->ccs_allowed || rl->ccs_seen >= 2)
-			return tls13_send_alert(rl, SSL_AD_UNEXPECTED_MESSAGE);
+			return tls13_send_alert(rl, TLS13_ALERT_UNEXPECTED_MESSAGE);
 		if (!tls13_record_content(rl->rrec, &cbs))
-			return tls13_send_alert(rl, TLS1_AD_DECODE_ERROR);
+			return tls13_send_alert(rl, TLS13_ALERT_DECODE_ERROR);
 		if (!CBS_get_u8(&cbs, &ccs))
-			return tls13_send_alert(rl, TLS1_AD_DECODE_ERROR);
+			return tls13_send_alert(rl, TLS13_ALERT_DECODE_ERROR);
 		if (ccs != 1)
-			return tls13_send_alert(rl, SSL_AD_ILLEGAL_PARAMETER);
+			return tls13_send_alert(rl, TLS13_ALERT_ILLEGAL_PARAMETER);
 		rl->ccs_seen++;
 		tls13_record_layer_rrec_free(rl);
 		return TLS13_IO_WANT_RETRY;
@@ -814,7 +815,7 @@ tls13_record_layer_read_record(struct tls13_record_layer *rl)
 	 * dummy ChangeCipherSpec messages, handled above).
 	 */
 	if (rl->aead != NULL && content_type != SSL3_RT_APPLICATION_DATA)
-		return tls13_send_alert(rl, SSL3_AD_UNEXPECTED_MESSAGE);
+		return tls13_send_alert(rl, TLS13_ALERT_UNEXPECTED_MESSAGE);
 
 	if (!tls13_record_layer_open_record(rl))
 		goto err;
@@ -829,7 +830,7 @@ tls13_record_layer_read_record(struct tls13_record_layer *rl)
 	if (CBS_len(&rl->rbuf_cbs) == 0 &&
 	    (rl->rbuf_content_type == SSL3_RT_ALERT ||
 	     rl->rbuf_content_type == SSL3_RT_HANDSHAKE))
-		return tls13_send_alert(rl, SSL3_AD_UNEXPECTED_MESSAGE);
+		return tls13_send_alert(rl, TLS13_ALERT_UNEXPECTED_MESSAGE);
 
 	switch (rl->rbuf_content_type) {
 	case SSL3_RT_ALERT:
@@ -840,11 +841,11 @@ tls13_record_layer_read_record(struct tls13_record_layer *rl)
 
 	case SSL3_RT_APPLICATION_DATA:
 		if (!rl->handshake_completed)
-			return tls13_send_alert(rl, SSL3_AD_UNEXPECTED_MESSAGE);
+			return tls13_send_alert(rl, TLS13_ALERT_UNEXPECTED_MESSAGE);
 		break;
 
 	default:
-		return tls13_send_alert(rl, SSL3_AD_UNEXPECTED_MESSAGE);
+		return tls13_send_alert(rl, TLS13_ALERT_UNEXPECTED_MESSAGE);
 	}
 
 	return TLS13_IO_SUCCESS;
@@ -887,7 +888,7 @@ tls13_record_layer_read_internal(struct tls13_record_layer *rl,
 	 * any record type that isn't a handshake until we are done.
 	 */
 	if (rl->phh && rl->rbuf_content_type != SSL3_RT_HANDSHAKE)
-		return tls13_send_alert(rl, SSL3_AD_UNEXPECTED_MESSAGE);
+		return tls13_send_alert(rl, TLS13_ALERT_UNEXPECTED_MESSAGE);
 
 	if (rl->rbuf_content_type != content_type) {
 		/*
@@ -941,7 +942,7 @@ tls13_record_layer_read_internal(struct tls13_record_layer *rl,
 			}
 		}
 
-		return tls13_send_alert(rl, SSL3_AD_UNEXPECTED_MESSAGE);
+		return tls13_send_alert(rl, TLS13_ALERT_UNEXPECTED_MESSAGE);
 	}
 
 	if (n > CBS_len(&rl->rbuf_cbs))
@@ -1151,12 +1152,12 @@ tls13_write_application_data(struct tls13_record_layer *rl, const uint8_t *buf,
 ssize_t
 tls13_send_alert(struct tls13_record_layer *rl, uint8_t alert_desc)
 {
-	uint8_t alert_level = SSL3_AL_FATAL;
+	uint8_t alert_level = TLS13_ALERT_LEVEL_FATAL;
 	ssize_t ret;
 
-	if (alert_desc == SSL_AD_CLOSE_NOTIFY ||
-	    alert_desc == SSL_AD_USER_CANCELLED)
-		alert_level = SSL3_AL_WARNING;
+	if (alert_desc == TLS13_ALERT_CLOSE_NOTIFY ||
+	    alert_desc == TLS13_ALERT_USER_CANCELED)
+		alert_level = TLS13_ALERT_LEVEL_WARNING;
 
 	do {
 		ret = tls13_record_layer_alert(rl, alert_level, alert_desc);
author	jsing <jsing@openbsd.org>	2020-05-10 16:56:11 +0000
committer	jsing <jsing@openbsd.org>	2020-05-10 16:56:11 +0000
commit	c957d00cf973cbc8a0fab8656d111863f7e84caf (patch)
tree	c4bd75da2b9e9c766fe3d810fb092c26e65c193f /lib/libssl/tls13_record_layer.c
parent	Conditionalize sleep-before-retry in server code to only be done when (diff)
download	wireguard-openbsd-c957d00cf973cbc8a0fab8656d111863f7e84caf.tar.xz wireguard-openbsd-c957d00cf973cbc8a0fab8656d111863f7e84caf.zip